AlmaLinux 8 : thunderbird (ALSA-2021:5045)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:5045 advisory. - Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution context was limited to this area and did not receive...

AlmaLinux 8 : ghostscript (ALSA-2021:1852)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1852 advisory. - A use after free was found in igcrelocstructptr of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a...

AlmaLinux 8 : userspace graphics, xorg-x11, and mesa (ALSA-2021:1804)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1804 advisory. - An integer overflow leading to a heap-buffer overflow was found in The X Input Method XIM client was implemented in libX11 before version 1.6.10. As per...

AlmaLinux 8 : freerdp (ALSA-2021:1849)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:1849 advisory. - In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This...

AlmaLinux 8 : mariadb-connector-c (ALSA-2020:5503)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:5503 advisory. - Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior...

AlmaLinux 8 : exiv2 (ALSA-2021:4173)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4173 advisory. - A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata ...

AlmaLinux 8 : poppler and evince (ALSA-2021:1881)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1881 advisory. - A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file...

AlmaLinux 8 : libldb (ALSA-2021:1197)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1197 advisory. - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of th...

AlmaLinux 8 : libxslt (ALSA-2020:4464)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2020:4464 advisory. - libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -...

AlmaLinux 8 : llvm-toolset:rhel8 (ALSA-2021:4743)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4743 advisory. Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced in cla...

AlmaLinux 8 : kernel (ALSA-2021:1093)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1093 advisory. - In doepollctl and eploopcheckproc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of...

AlmaLinux 8 : virt:rhel (ALSA-2020:0279)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:0279 advisory. hw: TSX Transaction Asynchronous Abort TAA CVE-2019-11135 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

AlmaLinux 8 : binutils (ALSA-2021:4364)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4364 advisory. binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c readsection CVE-2021-3487 binutils: Race window allows use...

AlmaLinux 8 : gcc-toolset-11-annobin (ALSA-2021:4591)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4591 advisory. - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control...

AlmaLinux 8 : mariadb:10.3 and mariadb-devel:10.3 (ALSA-2021:1242)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1242 advisory. mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user CVE-2021-27928 Tenable has...

AlmaLinux 8 : bluez (ALSA-2021:1598)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1598 advisory. - In BlueZ before 5.55, a double free was found in the gatttool disconnectcb routine from shared/att.c. A remote attacker could potentially cause a denial of servi...

AlmaLinux 8 : exiv2 (ALSA-2020:1577)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:1577 advisory. exiv2: infinite loop and hang in Jp2Image::readMetadata in jp2image.cpp could lead to DoS CVE-2019-20421 exiv2: null pointer dereference in the...

AlmaLinux 8 : lldpad (ALSA-2019:3673)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2019:3673 advisory. - lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to...

AlmaLinux 8 : linux-firmware (ALSA-2020:5479)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:5479 advisory. - Improper buffer restriction in some IntelR Wireless BluetoothR products before version 21.110 may allow an unauthenticated user to potentially enable escalation ...

AlmaLinux 8 : curl (ALSA-2021:4511)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4511 advisory. - curl 7.1.1 to and including 7.75.0 is vulnerable to an Exposure of Private Personal Information to an Unauthorized Actor by leaking credentials in the...